dc.contributor.author: Wang, Yutong
dc.contributor.author: Han, Yufei
dc.contributor.author: Bao, Hongyan
dc.contributor.author: Shen, Yun
dc.contributor.author: Ma, Fenglong
dc.contributor.author: Li, Jin
dc.contributor.author: Zhang, Xiangliang
dc.date.accessioned: 2020-08-25T11:22:06Z
dc.date.available: 2020-08-25T11:22:06Z
dc.date.issued: 2020-08-20
dc.identifier.citation: Wang, Y., Han, Y., Bao, H., Shen, Y., Ma, F., Li, J., & Zhang, X. (2020). Attackability Characterization of Adversarial Evasion Attack on Discrete Data. Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. doi:10.1145/3394486.3403194
dc.identifier.isbn: 9781450379984
dc.identifier.doi: 10.1145/3394486.3403194
dc.identifier.uri: http://hdl.handle.net/10754/664815
dc.description.abstract: Evasion attack on discrete data is a challenging yet practically interesting research topic. It is intrinsically an NP-hard combinatorial optimization problem. Characterizing the conditions guaranteeing the solvability of an evasion attack task thus becomes the key to understanding the adversarial threat. Our study is inspired by the weak submodularity theory. We characterize the attackability of a targeted classifier on discrete data in evasion attack by bridging the attackability measurement and the regularity of the targeted classifier. Based on our attackability analysis, we propose a computationally efficient orthogonal matching pursuit-guided attack method for evasion attack on discrete data. It provides provable attack efficiency and performance. Substantial experimental results on real-world datasets validate the proposed attackability conditions and the effectiveness of the proposed attack method.
dc.description.sponsorship: Our research in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST), under award number FCC/1/1976-19-01 and KAUST AI Initiative, and NSFC No. 61828302.
dc.publisher: Association for Computing Machinery (ACM)
dc.relation.url: https://dl.acm.org/doi/10.1145/3394486.3403194
dc.rights: Archived with thanks to ACM
dc.title: Attackability Characterization of Adversarial Evasion Attack on Discrete Data
dc.type: Conference Paper
dc.contributor.department: Computer Science
dc.contributor.department: Computer Science Program
dc.contributor.department: Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
dc.contributor.department: Machine Intelligence & kNowledge Engineering Lab
dc.conference.date: August 23–27, 2020
dc.conference.location: Virtual Event, CA, USA
dc.eprint.version: Post-print
dc.contributor.institution: NortonLifeLock, Sophia-Antipolis, France
dc.contributor.institution: NortonLifeLock, Reading, United Kingdom
dc.contributor.institution: Penn State University, Pennsylvania, PA, USA
dc.contributor.institution: Guangzhou University, Guangzhou, China
kaust.person: Wang, Yutong
kaust.person: Bao, Hongyan
kaust.person: Zhang, Xiangliang
kaust.grant.number: FCC/1/1976-19-01
refterms.dateFOA: 2020-08-25T11:34:19Z
dc.date.published-online: 2020-08-20
dc.date.published-print: 2020-08-23


Files in this item

Name: submodular_evasion_attack (2).pdf
Size: 740.6Kb
Format: PDF
Description: Accepted Manuscript
